From 8976dc1f79e10982fc248f14b35a5a383f6f47ee Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Tue, 17 Jan 2023 00:41:46 +0100
Subject: [PATCH] Added support for RSA-PKCSv15-SHA224, SHA384 and SHA512. Also
 added support for RSA-PSS-SHA224, SHA384 and SHA512.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/cmd_signature.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/hsm/cmd_signature.c b/src/hsm/cmd_signature.c
index eb5f768..6f09944 100644
--- a/src/hsm/cmd_signature.c
+++ b/src/hsm/cmd_signature.c
@@ -105,13 +105,13 @@ int cmd_signature() {
         md = MBEDTLS_MD_SHA1;
     else if (p2 == ALGO_RSA_PKCS1_SHA256 || p2 == ALGO_RSA_PSS_SHA256 || p2 == ALGO_EC_SHA256)
         md = MBEDTLS_MD_SHA256;
-    else if (p2 == ALGO_EC_SHA224)
+    else if (p2 == ALGO_EC_SHA224 || p2 == ALGO_RSA_PKCS1_SHA224 || p2 == ALGO_RSA_PSS_SHA224)
         md = MBEDTLS_MD_SHA224;
-    else if (p2 == ALGO_EC_SHA384)
+    else if (p2 == ALGO_EC_SHA384 || p2 == ALGO_RSA_PKCS1_SHA384 || p2 == ALGO_RSA_PSS_SHA384)
         md = MBEDTLS_MD_SHA384;
-    else if (p2 == ALGO_EC_SHA512)
+    else if (p2 == ALGO_EC_SHA512 || p2 == ALGO_RSA_PKCS1_SHA512 || p2 == ALGO_RSA_PSS_SHA512)
         md = MBEDTLS_MD_SHA512;
-    if (p2 == ALGO_RSA_PKCS1_SHA1 || p2 == ALGO_RSA_PSS_SHA1 || p2 == ALGO_EC_SHA1 || p2 == ALGO_RSA_PKCS1_SHA256 || p2 == ALGO_RSA_PSS_SHA256 || p2 == ALGO_EC_SHA256 || p2 == ALGO_EC_SHA224 || p2 == ALGO_EC_SHA384 || p2 == ALGO_EC_SHA512) {
+    if (p2 == ALGO_RSA_PKCS1_SHA1 || p2 == ALGO_RSA_PSS_SHA1 || p2 == ALGO_EC_SHA1 || p2 == ALGO_RSA_PKCS1_SHA256 || p2 == ALGO_RSA_PSS_SHA256 || p2 == ALGO_EC_SHA256 || p2 == ALGO_EC_SHA224 || p2 == ALGO_EC_SHA384 || p2 == ALGO_EC_SHA512 || p2 == ALGO_RSA_PKCS1_SHA224 || p2 == ALGO_RSA_PKCS1_SHA384 || p2 == ALGO_RSA_PKCS1_SHA512 || p2 == ALGO_RSA_PSS_SHA224 || p2 == ALGO_RSA_PSS_SHA384 || p2 == ALGO_RSA_PSS_SHA512) {
         generic_hash(md, apdu.data, apdu.nc, apdu.data);
         apdu.nc = mbedtls_md_get_size(mbedtls_md_info_from_type(md));
     }
@@ -119,8 +119,7 @@ int cmd_signature() {
         mbedtls_rsa_context ctx;
         mbedtls_rsa_init(&ctx);
 
-        int r;
-        r = load_private_key_rsa(&ctx, fkey);
+        int r = load_private_key_rsa(&ctx, fkey);
         if (r != CCID_OK) {
             mbedtls_rsa_free(&ctx);
             if (r == CCID_VERIFICATION_FAILED)